package org.projects.graduates.shiro;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.projects.graduates.Constants;
import org.projects.graduates.app.SecurityApplication;
import org.projects.graduates.app.impl.SecurityApplicationImpl;
import org.projects.graduates.domain.Role;
import org.projects.graduates.domain.User;
import org.projects.graduates.domain.UserRoles;

public class GradRealm extends AuthorizingRealm {

	private SecurityApplication securityApplication = new SecurityApplicationImpl();

	public GradRealm() {
		super();
		//设置认证token的实现类
		setAuthenticationTokenClass(UsernamePasswordToken.class);
		//设置加密算法
		setCredentialsMatcher(new HashedCredentialsMatcher(Constants.SECURITY_TYPE));
		
	}

	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		String loginName = (String) principalCollection.fromRealm(getName()).iterator().next();
		User user = securityApplication.findby(loginName);
		if (null == user) {
			return null;
		} else {
			SimpleAuthorizationInfo result = new SimpleAuthorizationInfo();
			
			result.addRoles(UserRoles.findRoleNamesOf(user));
			for (Role role : UserRoles.findRolesOf(user)) {
				result.addStringPermissions(role.getPermissions());
			}
			
			return result;

		}
	}

	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		UsernamePasswordToken upToken = (UsernamePasswordToken) token;
		User user = securityApplication.findby(upToken.getUsername());
		if (user != null) {
			return new SimpleAuthenticationInfo(user.getUsername(), user.getPassword(), getName());
		}
		return null;
	}
}
